2 Unix SMB/CIFS implementation.
3 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
4 Copyright (C) Matthias Dieter Wallnöfer 2009
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "lib/replace/system/python.h"
21 #include "python/py3compat.h"
23 #include "python/modules.h"
25 #include "param/pyparam.h"
26 #include "lib/socket/netif.h"
27 #include "lib/util/debug.h"
28 #include "librpc/ndr/ndr_private.h"
29 #include "lib/cmdline/cmdline.h"
30 #include "libcli/util/hresult.h"
31 #include "lib/crypto/gkdi.h"
34 static PyObject
*PyExc_NTSTATUSError
;
35 static PyObject
*PyExc_WERRORError
;
36 static PyObject
*PyExc_HRESULTError
;
37 static PyObject
*PyExc_DsExtendedError
;
39 static PyObject
*py_generate_random_str(PyObject
*self
, PyObject
*args
)
45 if (!PyArg_ParseTuple(args
, "n", &len
)) {
49 PyErr_Format(PyExc_ValueError
,
50 "random string length should be positive, not %zd",
54 retstr
= generate_random_str(NULL
, len
);
56 return PyErr_NoMemory();
58 ret
= PyUnicode_FromStringAndSize(retstr
, len
);
63 static PyObject
*py_generate_random_password(PyObject
*self
, PyObject
*args
)
69 if (!PyArg_ParseTuple(args
, "nn", &min
, &max
)) {
72 if (max
< 0 || min
< 0) {
74 * The real range checks happens in generate_random_password().
75 * Here just filter out any negative numbers.
77 PyErr_Format(PyExc_ValueError
,
78 "invalid range: %zd - %zd",
83 retstr
= generate_random_password(NULL
, min
, max
);
85 if (errno
== EINVAL
) {
86 return PyErr_Format(PyExc_ValueError
,
87 "invalid range: %zd - %zd",
90 return PyErr_NoMemory();
92 ret
= PyUnicode_FromString(retstr
);
97 static PyObject
*py_generate_random_machine_password(PyObject
*self
, PyObject
*args
)
103 if (!PyArg_ParseTuple(args
, "nn", &min
, &max
)) {
106 if (max
< 0 || min
< 0) {
108 * The real range checks happens in
109 * generate_random_machine_password().
110 * Here we just filter out any negative numbers.
112 PyErr_Format(PyExc_ValueError
,
113 "invalid range: %zd - %zd",
118 retstr
= generate_random_machine_password(NULL
, min
, max
);
119 if (retstr
== NULL
) {
120 if (errno
== EINVAL
) {
121 return PyErr_Format(PyExc_ValueError
,
122 "invalid range: %zd - %zd",
125 return PyErr_NoMemory();
127 ret
= PyUnicode_FromString(retstr
);
132 static PyObject
*py_check_password_quality(PyObject
*self
, PyObject
*args
)
136 if (!PyArg_ParseTuple(args
, "s", &pass
)) {
140 return PyBool_FromLong(check_password_quality(pass
));
143 static PyObject
*py_generate_random_bytes(PyObject
*self
, PyObject
*args
)
147 uint8_t *bytes
= NULL
;
149 if (!PyArg_ParseTuple(args
, "n", &len
)) {
153 PyErr_Format(PyExc_ValueError
,
154 "random bytes length should be positive, not %zd",
158 bytes
= talloc_zero_size(NULL
, len
);
163 generate_random_buffer(bytes
, len
);
164 ret
= PyBytes_FromStringAndSize((const char *)bytes
, len
);
169 static PyObject
*py_unix2nttime(PyObject
*self
, PyObject
*args
)
175 if (!PyArg_ParseTuple(args
, "I", &_t
)) {
180 unix_to_nt_time(&nt
, t
);
182 return PyLong_FromLongLong((uint64_t)nt
);
185 static PyObject
*py_nttime2unix(PyObject
*self
, PyObject
*args
)
189 if (!PyArg_ParseTuple(args
, "K", &nt
))
192 t
= nt_time_to_unix(nt
);
194 return PyLong_FromLong((uint64_t)t
);
197 static PyObject
*py_float2nttime(PyObject
*self
, PyObject
*args
)
205 if (!PyArg_ParseTuple(args
, "d", &ft
)) {
209 ft_sec
= (double)(int)ft
;
210 ft_nsec
= (ft
- ft_sec
) * 1.0e+9;
212 ts
.tv_sec
= (int)ft_sec
;
213 ts
.tv_nsec
= (int)ft_nsec
;
215 nt
= full_timespec_to_nt_time(&ts
);
217 return PyLong_FromLongLong((uint64_t)nt
);
220 static PyObject
*py_nttime2float(PyObject
*self
, PyObject
*args
)
224 const struct timespec ts_zero
= { .tv_sec
= 0, };
227 if (!PyArg_ParseTuple(args
, "K", &nt
)) {
231 ts
= nt_time_to_full_timespec(nt
);
232 if (is_omit_timespec(&ts
)) {
233 return PyFloat_FromDouble(1.0);
235 ft
= timespec_elapsed2(&ts_zero
, &ts
);
237 return PyFloat_FromDouble(ft
);
240 static PyObject
*py_nttime2string(PyObject
*self
, PyObject
*args
)
246 if (!PyArg_ParseTuple(args
, "K", &nt
))
249 tmp_ctx
= talloc_new(NULL
);
250 if (tmp_ctx
== NULL
) {
255 string
= nt_time_string(tmp_ctx
, nt
);
256 ret
= PyUnicode_FromString(string
);
258 talloc_free(tmp_ctx
);
263 static PyObject
*py_set_debug_level(PyObject
*self
, PyObject
*args
)
266 if (!PyArg_ParseTuple(args
, "I", &level
))
268 debuglevel_set(level
);
272 static PyObject
*py_get_debug_level(PyObject
*self
,
273 PyObject
*Py_UNUSED(ignored
))
275 return PyLong_FromLong(debuglevel_get());
278 static PyObject
*py_fault_setup(PyObject
*self
,
279 PyObject
*Py_UNUSED(ignored
))
289 static PyObject
*py_is_ntvfs_fileserver_built(PyObject
*self
,
290 PyObject
*Py_UNUSED(ignored
))
292 #ifdef WITH_NTVFS_FILESERVER
299 static PyObject
*py_is_heimdal_built(PyObject
*self
,
300 PyObject
*Py_UNUSED(ignored
))
302 #ifdef SAMBA4_USES_HEIMDAL
309 static PyObject
*py_is_ad_dc_built(PyObject
*self
,
310 PyObject
*Py_UNUSED(ignored
))
312 #ifdef AD_DC_BUILD_IS_ENABLED
319 static PyObject
*py_is_selftest_enabled(PyObject
*self
,
320 PyObject
*Py_UNUSED(ignored
))
322 #ifdef ENABLE_SELFTEST
329 static PyObject
*py_ndr_token_max_list_size(PyObject
*self
,
330 PyObject
*Py_UNUSED(ignored
))
332 return PyLong_FromLong(ndr_token_max_list_size());
336 return the list of interface IPs we have configured
337 takes an loadparm context, returns a list of IPs in string form
339 Does not return addresses on 127.0.0.0/8
341 static PyObject
*py_interface_ips(PyObject
*self
, PyObject
*args
)
347 struct loadparm_context
*lp_ctx
;
348 struct interface
*ifaces
;
350 int all_interfaces
= 1;
352 if (!PyArg_ParseTuple(args
, "O|i", &py_lp_ctx
, &all_interfaces
))
355 tmp_ctx
= talloc_new(NULL
);
356 if (tmp_ctx
== NULL
) {
361 lp_ctx
= lpcfg_from_py_object(tmp_ctx
, py_lp_ctx
);
362 if (lp_ctx
== NULL
) {
363 talloc_free(tmp_ctx
);
364 return PyErr_NoMemory();
367 load_interface_list(tmp_ctx
, lp_ctx
, &ifaces
);
369 count
= iface_list_count(ifaces
);
371 /* first count how many are not loopback addresses */
372 for (ifcount
= i
= 0; i
<count
; i
++) {
373 const char *ip
= iface_list_n_ip(ifaces
, i
);
375 if (all_interfaces
) {
380 if (iface_list_same_net(ip
, "127.0.0.1", "255.0.0.0")) {
384 if (iface_list_same_net(ip
, "169.254.0.0", "255.255.0.0")) {
388 if (iface_list_same_net(ip
, "::1", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")) {
392 if (iface_list_same_net(ip
, "fe80::", "ffff:ffff:ffff:ffff::")) {
399 pylist
= PyList_New(ifcount
);
400 for (ifcount
= i
= 0; i
<count
; i
++) {
401 const char *ip
= iface_list_n_ip(ifaces
, i
);
403 if (all_interfaces
) {
404 PyList_SetItem(pylist
, ifcount
, PyUnicode_FromString(ip
));
409 if (iface_list_same_net(ip
, "127.0.0.1", "255.0.0.0")) {
413 if (iface_list_same_net(ip
, "169.254.0.0", "255.255.0.0")) {
417 if (iface_list_same_net(ip
, "::1", "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")) {
421 if (iface_list_same_net(ip
, "fe80::", "ffff:ffff:ffff:ffff::")) {
425 PyList_SetItem(pylist
, ifcount
, PyUnicode_FromString(ip
));
428 talloc_free(tmp_ctx
);
432 static PyObject
*py_strcasecmp_m(PyObject
*self
, PyObject
*args
)
437 if (!PyArg_ParseTuple(args
, PYARG_STR_UNI
439 "utf8", &s1
, "utf8", &s2
)) {
443 cmp_result
= strcasecmp_m(s1
, s2
);
446 return PyLong_FromLong(cmp_result
);
449 static PyObject
*py_strstr_m(PyObject
*self
, PyObject
*args
)
453 char *strstr_ret
= NULL
;
454 PyObject
*result
= NULL
;
455 if (!PyArg_ParseTuple(args
, PYARG_STR_UNI
457 "utf8", &s1
, "utf8", &s2
))
460 strstr_ret
= strstr_m(s1
, s2
);
466 result
= PyUnicode_FromString(strstr_ret
);
472 static PyObject
*py_get_burnt_commandline(PyObject
*self
, PyObject
*args
)
474 PyObject
*cmdline_as_list
, *ret
;
475 char *burnt_cmdline
= NULL
;
478 TALLOC_CTX
*frame
= talloc_stackframe();
481 if (!PyArg_ParseTuple(args
, "O!", &PyList_Type
, &cmdline_as_list
))
487 argc
= PyList_GET_SIZE(cmdline_as_list
);
494 argv
= PyList_AsStringList(frame
, cmdline_as_list
, "sys.argv");
500 burnt
= samba_cmdline_burn(argc
, argv
);
506 for (i
= 0; i
< argc
; i
++) {
508 burnt_cmdline
= talloc_strdup(frame
,
512 = talloc_asprintf_append(burnt_cmdline
,
516 if (burnt_cmdline
== NULL
) {
523 ret
= PyUnicode_FromString(burnt_cmdline
);
529 static PyMethodDef py_misc_methods
[] = {
530 { "generate_random_str", (PyCFunction
)py_generate_random_str
, METH_VARARGS
,
531 "generate_random_str(len) -> string\n"
532 "Generate random string with specified length." },
533 { "generate_random_password", (PyCFunction
)py_generate_random_password
,
534 METH_VARARGS
, "generate_random_password(min, max) -> string\n"
535 "Generate random password (based on printable ascii characters) "
536 "with a length >= min and <= max." },
537 { "generate_random_machine_password", (PyCFunction
)py_generate_random_machine_password
,
538 METH_VARARGS
, "generate_random_machine_password(min, max) -> string\n"
539 "Generate random password "
540 "(based on random utf16 characters converted to utf8 or "
541 "random ascii characters if 'unix charset' is not 'utf8') "
542 "with a length >= min (at least 14) and <= max (at most 255)." },
543 { "check_password_quality", (PyCFunction
)py_check_password_quality
,
544 METH_VARARGS
, "check_password_quality(pass) -> bool\n"
545 "Check password quality against Samba's check_password_quality, "
546 "the implementation of Microsoft's rules: "
547 "http://msdn.microsoft.com/en-us/subscriptions/cc786468%28v=ws.10%29.aspx"
549 { "unix2nttime", (PyCFunction
)py_unix2nttime
, METH_VARARGS
,
550 "unix2nttime(timestamp) -> nttime" },
551 { "nttime2unix", (PyCFunction
)py_nttime2unix
, METH_VARARGS
,
552 "nttime2unix(nttime) -> timestamp" },
553 { "float2nttime", (PyCFunction
)py_float2nttime
, METH_VARARGS
,
554 "pytime2nttime(floattimestamp) -> nttime" },
555 { "nttime2float", (PyCFunction
)py_nttime2float
, METH_VARARGS
,
556 "nttime2pytime(nttime) -> floattimestamp" },
557 { "nttime2string", (PyCFunction
)py_nttime2string
, METH_VARARGS
,
558 "nttime2string(nttime) -> string" },
559 { "set_debug_level", (PyCFunction
)py_set_debug_level
, METH_VARARGS
,
561 { "get_debug_level", (PyCFunction
)py_get_debug_level
, METH_NOARGS
,
563 { "fault_setup", (PyCFunction
)py_fault_setup
, METH_NOARGS
,
564 "setup the default samba panic handler" },
565 { "interface_ips", (PyCFunction
)py_interface_ips
, METH_VARARGS
,
566 "interface_ips(lp_ctx[, all_interfaces) -> list_of_ifaces\n"
568 "get interface IP address list"},
569 { "strcasecmp_m", (PyCFunction
)py_strcasecmp_m
, METH_VARARGS
,
570 "(for testing) compare two strings using Samba's strcasecmp_m()"},
571 { "strstr_m", (PyCFunction
)py_strstr_m
, METH_VARARGS
,
572 "(for testing) find one string in another with Samba's strstr_m()"},
573 { "is_ntvfs_fileserver_built", (PyCFunction
)py_is_ntvfs_fileserver_built
, METH_NOARGS
,
574 "is the NTVFS file server built in this installation?" },
575 { "is_heimdal_built", (PyCFunction
)py_is_heimdal_built
, METH_NOARGS
,
576 "is Samba built with Heimdal Kerberos?" },
577 { "generate_random_bytes",
578 (PyCFunction
)py_generate_random_bytes
,
580 "generate_random_bytes(len) -> bytes\n"
581 "Generate random bytes with specified length." },
582 { "is_ad_dc_built", (PyCFunction
)py_is_ad_dc_built
, METH_NOARGS
,
583 "is Samba built with AD DC?" },
584 { "is_selftest_enabled", (PyCFunction
)py_is_selftest_enabled
,
585 METH_NOARGS
, "is Samba built with selftest enabled?" },
586 { "ndr_token_max_list_size", (PyCFunction
)py_ndr_token_max_list_size
,
587 METH_NOARGS
, "How many NDR internal tokens is too many for this build?" },
588 { "get_burnt_commandline", (PyCFunction
)py_get_burnt_commandline
,
589 METH_VARARGS
, "Return a redacted commandline to feed to setproctitle (None if no redaction required)" },
593 static struct PyModuleDef moduledef
= {
594 PyModuleDef_HEAD_INIT
,
596 .m_doc
= "Python bindings for miscellaneous Samba functions.",
598 .m_methods
= py_misc_methods
,
601 MODULE_INIT_FUNC(_glue
)
604 PyObject
*py_obj
= NULL
;
607 debug_setup_talloc_log();
609 m
= PyModule_Create(&moduledef
);
613 PyModule_AddObject(m
, "version",
614 PyUnicode_FromString(SAMBA_VERSION_STRING
));
615 PyExc_NTSTATUSError
= PyErr_NewException("samba.NTSTATUSError", PyExc_RuntimeError
, NULL
);
616 if (PyExc_NTSTATUSError
!= NULL
) {
617 Py_INCREF(PyExc_NTSTATUSError
);
618 PyModule_AddObject(m
, "NTSTATUSError", PyExc_NTSTATUSError
);
621 PyExc_WERRORError
= PyErr_NewException("samba.WERRORError", PyExc_RuntimeError
, NULL
);
622 if (PyExc_WERRORError
!= NULL
) {
623 Py_INCREF(PyExc_WERRORError
);
624 PyModule_AddObject(m
, "WERRORError", PyExc_WERRORError
);
627 PyExc_HRESULTError
= PyErr_NewException("samba.HRESULTError", PyExc_RuntimeError
, NULL
);
628 if (PyExc_HRESULTError
!= NULL
) {
629 Py_INCREF(PyExc_HRESULTError
);
630 PyModule_AddObject(m
, "HRESULTError", PyExc_HRESULTError
);
633 PyExc_DsExtendedError
= PyErr_NewException("samba.DsExtendedError", PyExc_RuntimeError
, NULL
);
634 if (PyExc_DsExtendedError
!= NULL
) {
635 Py_INCREF(PyExc_DsExtendedError
);
636 PyModule_AddObject(m
, "DsExtendedError", PyExc_DsExtendedError
);
639 PyModule_AddObject(m
, "HRES_E_INVALIDARG",
640 PyLong_FromUnsignedLongLong(HRES_ERROR_V(HRES_E_INVALIDARG
)));
641 PyModule_AddObject(m
, "HRES_NTE_BAD_KEY",
642 PyLong_FromUnsignedLongLong(HRES_ERROR_V(HRES_NTE_BAD_KEY
)));
643 PyModule_AddObject(m
, "HRES_NTE_NO_KEY",
644 PyLong_FromUnsignedLongLong(HRES_ERROR_V(HRES_NTE_NO_KEY
)));
645 PyModule_AddObject(m
, "HRES_SEC_E_INVALID_TOKEN",
646 PyLong_FromUnsignedLongLong(HRES_ERROR_V(HRES_SEC_E_INVALID_TOKEN
)));
647 PyModule_AddObject(m
, "HRES_SEC_E_LOGON_DENIED",
648 PyLong_FromUnsignedLongLong(HRES_ERROR_V(HRES_SEC_E_LOGON_DENIED
)));
650 ret
= PyModule_AddIntConstant(m
, "GKDI_L1_KEY_ITERATION", gkdi_l1_key_iteration
);
655 ret
= PyModule_AddIntConstant(m
, "GKDI_L2_KEY_ITERATION", gkdi_l2_key_iteration
);
660 py_obj
= PyLong_FromLongLong(gkdi_key_cycle_duration
);
661 if (py_obj
== NULL
) {
665 ret
= PyModule_AddObject(m
, "GKDI_KEY_CYCLE_DURATION", py_obj
);
671 py_obj
= PyLong_FromLongLong(gkdi_max_clock_skew
);
672 if (py_obj
== NULL
) {
676 ret
= PyModule_AddObject(m
, "GKDI_MAX_CLOCK_SKEW", py_obj
);